Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XrcO4YCcDstKzzqLAKSw2o8KuX4.roa
File: XrcO4YCcDstKzzqLAKSw2o8KuX4.roa (raw, json)
Hash identifier: /pRVrYNoBWx4htI42/Wo4DKLFY8/watKvLGR7Yu9/hY=
Subject key identifier: 5E:B7:0E:E1:80:9C:0E:CB:4A:CF:3A:8B:00:A4:B0:DA:8F:0A:B9:7E
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0185A50805BBD9D655A17C75410C0F75C8C2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XrcO4YCcDstKzzqLAKSw2o8KuX4.roa
Signing time: Thu 12 Jan 2023 08:10:44 +0000
ROA not before: Thu 12 Jan 2023 08:10:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 5.105.26.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:08:05:bb:d9:d6:55:a1:7c:75:41:0c:0f:75:c8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 12 08:10:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eb70ee1809c0ecb4acf3a8b00a4b0da8f0ab97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:01:f3:e3:a9:35:78:9d:9d:0d:2c:d5:86:57:
bb:86:5c:29:b9:bf:3d:74:87:2f:31:18:d2:6c:bb:
5e:f0:08:0b:f8:c9:1e:c6:98:49:0c:a3:0c:95:e7:
57:79:0c:26:a4:f3:d5:01:75:66:92:1e:cb:5d:f1:
bf:d5:7f:04:8c:22:e9:39:54:29:9d:f5:b2:81:1a:
d6:e9:d1:a5:8d:06:dc:31:39:26:44:f0:73:65:f6:
91:64:0e:5b:3a:90:d0:c8:d9:95:be:21:f3:27:5e:
73:d8:3e:08:82:c3:ef:b3:7f:b4:47:ad:61:b4:36:
e7:f7:77:cd:b4:05:ad:bf:48:6c:8f:e4:bd:98:f3:
d0:b6:5b:d0:87:bc:da:e9:b6:9a:a9:47:16:73:4f:
da:f6:f5:39:55:c6:32:1d:b1:cf:5f:fb:d9:92:f0:
52:b3:29:7d:e6:3d:fd:b7:53:bb:c4:54:d9:94:b6:
5a:90:b9:c9:36:a9:d7:52:7b:a2:9b:fc:ec:6a:57:
ca:0d:10:82:5f:3e:29:d3:95:b0:b9:9e:9f:1d:e0:
30:b6:ad:12:5e:f2:fc:c9:ba:f1:5c:b0:8f:a9:05:
3f:f6:9a:52:ed:e3:f9:5e:43:80:66:ee:a8:dd:eb:
a7:c2:71:21:79:b5:5a:3a:4e:dc:43:48:9a:2f:62:
2a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B7:0E:E1:80:9C:0E:CB:4A:CF:3A:8B:00:A4:B0:DA:8F:0A:B9:7E
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/XrcO4YCcDstKzzqLAKSw2o8KuX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.26.0/24
5.105.40.0/24
5.105.43.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1e:52:e9:90:8e:26:2c:9a:8c:99:f7:07:04:ef:e8:20:99:
d6:a4:7b:8e:78:79:a5:89:5e:1d:3e:13:99:d3:3b:40:ec:69:
8c:69:6b:e9:e0:34:d3:b2:78:90:03:62:ee:18:30:c3:7d:7f:
be:f4:c1:00:4a:ef:94:d6:94:dd:45:3e:25:6c:39:e8:8f:f6:
02:78:d6:03:d7:47:7e:47:d1:f0:45:4d:19:44:11:b9:d9:59:
e5:3e:62:09:23:e8:6a:82:78:1a:dd:79:49:07:75:09:a1:a8:
78:24:5e:9e:63:d9:f3:b9:80:be:89:3b:62:c3:0d:76:b0:4d:
dd:5c:45:f5:7c:79:5a:d3:40:8f:0c:9f:d0:9c:05:00:b0:71:
15:e1:80:f7:d1:90:94:24:e4:73:02:c7:d4:3d:c2:68:b5:75:
72:44:b1:ca:bb:0f:74:fb:70:30:c7:c8:db:bb:2f:f0:a0:33:
ec:e2:9f:62:64:fa:37:4a:78:9e:ba:70:4e:86:5b:1b:4e:81:
f2:30:b7:94:a9:34:32:fc:3c:79:93:55:92:93:da:33:cb:86:
4b:b7:ee:cb:fb:38:85:fb:73:91:01:f1:fc:1f:12:49:c7:4a:
28:9f:a8:ac:50:f7:95:ed:5b:d6:76:6b:c4:fd:76:ee:e2:28:
83:c0:8e:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWlCAW72dZVoXx1QQwPdcjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTEyMDgxMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI3MGVlMTgwOWMwZWNiNGFjZjNhOGIwMGE0YjBkYThmMGFiOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgHz46k1eJ2dDSzVhle7hlwpub89
dIcvMRjSbLte8AgL+MkexphJDKMMledXeQwmpPPVAXVmkh7LXfG/1X8EjCLpOVQp
nfWygRrW6dGljQbcMTkmRPBzZfaRZA5bOpDQyNmVviHzJ15z2D4IgsPvs3+0R61h
tDbn93fNtAWtv0hsj+S9mPPQtlvQh7za6baaqUcWc0/a9vU5VcYyHbHPX/vZkvBS
syl95j39t1O7xFTZlLZakLnJNqnXUnuim/zsalfKDRCCXz4p05WwuZ6fHeAwtq0S
XvL8ybrxXLCPqQU/9ppS7eP5XkOAZu6o3eunwnEhebVaOk7cQ0iaL2IqcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF63DuGAnA7LSs86iwCksNqPCrl+MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvWHJjTzRZQ2NEc3RLenpxTEFLU3cybzhLdVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkaAwQA
BWkoAwQABWkrMA0GCSqGSIb3DQEBCwUAA4IBAQAIHlLpkI4mLJqMmfcHBO/oIJnW
pHuOeHmliV4dPhOZ0ztA7GmMaWvp4DTTsniQA2LuGDDDfX++9MEASu+U1pTdRT4l
bDnoj/YCeNYD10d+R9HwRU0ZRBG52VnlPmIJI+hqgnga3XlJB3UJoah4JF6eY9nz
uYC+iTtiww12sE3dXEX1fHla00CPDJ/QnAUAsHEV4YD30ZCUJORzAsfUPcJotXVy
RLHKuw90+3Awx8jbuy/woDPs4p9iZPo3SnieunBOhlsbToHyMLeUqTQy/Dx5k1WS
k9ozy4ZLt+7L+ziF+3ORAfH8HxJJx0oon6isUPeV7VvWdmvE/Xbu4iiDwI5F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:27 2025 by rpki-client